Access to the official webpage
Role: To ensure that the General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive are consistently applied in the EU countries, as well as Norway, Liechtenstein and Iceland.
Numbr of staff: 21
President: Andrea Jelinek
Year established: 2018
Location: Brussels (Belgium)
The EDPB is an independent body which:
- ensures that EU law in this field – especially the General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive – is consistently applied in all countries that are covered by it promotes cooperation among the national data protection authorities
What does the EDPB do?
- provides general guidance (including guidelines, recommendations and best practice) to clarify the GDPR
- adopts consistency findings, designed to make sure the GDPR is interpreted consistently by all national regulatory bodies, for example in cases relating to 2 or more countries
- advises the European Commission on data protection issues and any proposed new EU legislation of particular importance for the protection of personal data – encourages national data protection authorities to work together and share information and best practices with each other
If you think your data has not been protected, you have 3 options:
- contact the organisation holding your data
- contact your national data protection authority
- put the matter before a national court
National data protection authorities can conduct investigations and impose penalties where necessary.
Who is on the EDPB?
- Chair and 2 deputy chairs, appointed for renewable 5-year terms of office
- Each national data protection authority and the European Data Protection Supervisor (EDPS)
For day-to-day operations, the work of the EDPB receives analytical, administrative and logistical support from a secretariat provided by the EDPS. The members of the staff of the EDPB Secretariat are working under the instructions of the Chair of the EDPB.
How does the EDPB work?
The Board has regular meetings in Brussels, to discuss and make decisions on data protection related issues.
The decisions are made by the plenary meetings, gathering the head of national authorities, on the basis of preparatory work of expert subgroups meetings and of the EDPB Secretariat.